SSL/TLS just relies on a commonly trusted party (i.e. trusted by the client, and by the server). That trusted party "signs" the certificate(s). Since both parties "trust" the trusted party, both parties have access to the necessary public key that can verify the signature on the presented certificate.
So, bottom line, the answer to your question is "yes".

Cheers
Ken

From: Oliver Marshall [mailto:[email protected]]
Sent: Friday, 24 September 2010 5:27 PM
To: NT System Admin Issues
Subject: LDAP SSL using 3rd party certs

Does anyone know if it's possible to secure LDAP without using a CA install on the network?

For various reasons (mainly down to the remote web servers of which we don't appear to have any control) we can't use a CA and install our own root certs, but need to find a way to secure LDAP authentication over the web without anything being required to be installed on the remote server doing the checking of user details.

Any ideas?

Olly
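The trust model described in the reply, as an added example that is not part of the original thread: a client accepts the LDAP server's certificate only when it chains to a root the client already holds. The names `public-ca`, `other-ca` and `ldap.example.com` are constructed placeholders, and the throwaway roots are generated locally with `openssl` so the check runs offline.

```shell
#!/usr/bin/env bash
# Constructed demo: "public-ca" stands in for a third-party CA whose root is
# already in the client's trust store; "other-ca" is a root the client lacks.

# make_ca DIR NAME: create a throwaway self-signed root certificate.
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
    -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

# issue_cert DIR CA HOST: create a key and CSR for HOST, then have CA sign it.
issue_cert() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
    -keyout "$1/$3.key" -out "$1/$3.csr" 2>/dev/null &&
  openssl x509 -req -in "$1/$3.csr" -CA "$1/$2.crt" -CAkey "$1/$2.key" \
    -CAcreateserial -days 1 -out "$1/$3.crt" 2>/dev/null
}

# client_trusts DIR CA HOST: succeed only if HOST's certificate carries a
# signature that verifies against the public key in CA's root certificate.
client_trusts() {
  openssl verify -CAfile "$1/$2.crt" "$1/$3.crt" >/dev/null 2>&1
}

# demo: print the verdict for a client holding each root in turn.
demo() {
  local dir ca
  dir=$(mktemp -d) || return 1
  make_ca "$dir" public-ca
  make_ca "$dir" other-ca
  issue_cert "$dir" public-ca ldap.example.com
  for ca in public-ca other-ca; do
    if client_trusts "$dir" "$ca" ldap.example.com; then
      echo "client trusting $ca: certificate accepted"
    else
      echo "client trusting $ca: certificate rejected"
    fi
  done
  rm -rf "$dir"
}

demo
```

On the remote web server in the question, the trust store it already ships with plays the role of `public-ca.crt`, which is why a certificate from a third-party CA needs nothing installed there.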
